diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2021-04-24 12:51:12 -0400 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2021-04-24 12:58:12 -0400 |
commit | 229840974084340dab14fd8b12c4c72b6e8072c0 (patch) | |
tree | 8523a13d6e6da64933b4866265a4d40722393571 /TODO.md | |
parent | if_wg: ensure peer lifetime (diff) | |
download | wireguard-freebsd-229840974084340dab14fd8b12c4c72b6e8072c0.tar.xz wireguard-freebsd-229840974084340dab14fd8b12c4c72b6e8072c0.zip |
if_wg: count on peers always having a remote
We do a pretty nasty hack in the allowedips selftest to avoid having to
allocate more memory. Seems to work.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to '')
-rw-r--r-- | TODO.md | 8 |
1 files changed, 2 insertions, 6 deletions
@@ -1,20 +1,16 @@ -### Primary systems TODO +### Primary TODO - Finish porting [this script](https://git.zx2c4.com/wireguard-linux/tree/tools/testing/selftests/wireguard/netns.sh) to `./tests/netns.sh` using vnets and epairs. -- Rework locking and epoch lifetimes; come up with consistent set of rules. - Shore up vnet support and races/locking around moving between vnets. - Work out `priv_check` from vnet perspective. (There's no `ns_capable()` on FreeBSD, just `capable()`, which makes it a bit weird for one jail to have permissions in another.) - Make code style consistent with one FreeBSD way, rather than a mix of styles. -- Make sure noise state machine is correct. -- Investigate whether the allowed ips lookup structure needs reference - counting. ### Crypto TODO -- Do packet encryption using opencrypto/ with sg lists on the mbuf, so that we don't need to linearize mbufs. +- Do packet encryption using opencrypto/ with sg lists on the mbuf. - Send 25519 upstream to sys/crypto, and port to it. - Send simple chapoly upstream to sys/crypto, and port to it. - Port to sys/crypto's blake2s implementation. |